LUCKNOW (CoinChapter.com) — A Crypto wallet connected to Binance suffered a $27 million hack on Nov. 11, on-chain analyst ZachXBT revealed on X.
It is not clear yet whether it was a planned hack. However, ZachXBT says the hacker had converted Tether (USDT) stablecoin to Ethereum (ETH) in no time and. Then, it sent the proceeds to various non-custodial exchanges like FixedFloat and ChangeNow in multiple transactions.
Interestingly, that is one of the most common tactics hackers use to obfuscate their shady transactions, primarily to complicate and prolong the investigation process. In the Binance wallet case, the hacker bridged stolen assets to Bitcoin via THORChain, a decentralized liquidity protocol.
According to Etherscan, it took eight minutes for the recipient to send $2.7 million to ten new addresses. The first transfer took less than 2 minutes.
ZachXBT later found that the victim’s wallet was connected to the Binance deployer.
“They will probably deposit the funds to a mixer or send them to a sketchy service next. To take large sums off-chain OTCs are common (will be later on after funds have been laundered),” said ZachXBT.
Etherscan data also reveals that on Nov. 5, the victim’s wallet received $26 million from the “Binance 16” hot wallet.
Web3 Security Breaches Resulted in $699M Losses in Q3 2023
Certik’s Web3 Security quarterly report revealed that Q3 2023 saw 184 security breach incidents, resulting in a total loss of over $699 million. This is more than the combined losses in the previous two quarters. Q1 and Q2 of this year saw a loss of $320 million and $313 million, respectively.
The firm’s report identified Lazarus Group, a North Korean state-affiliated entity, as a potential threat that targeted Web3 personnel this year. They employed sophisticated tactics based on social engineering to steal $291 million.
Additionally, 14 security breach incidents happened due to private key compromise, causing a total of $204 million in losses. The recent incident of private key compromise came into light on 9 November when crypto exchange CoinSpot fell victim to a $2.4 million hack.
